To subscribe to the full report on a daily basis:
Send an email to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body: subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an email to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Tuesday, August 14, 2007

Daily Highlights

InformationWeek reports law enforcement officials have arrested at least 10 people since the beginning of the year for their roles in using stolen information to commit fraud, after the theft of 45.7 million customer records from TJX. (See item 6)

The Associated Press reports a 25-pound chunk from United Express Flight 7350, a commuter jet headed to Washington's Dulles International Airport, landed in a grassy area between houses and soccer fields near Boyds, Maryland. (See item 12)

Information Technology and Telecommunications Sector

30. August 13, VNUNet — Black hat IPS reverse engineering poses 'serious threat'. A recently disclosed Black Hat hacker technique for reverse engineering intrusion prevention system (IPS) data poses a “serious risk” for thousands of enterprises, Gartner has warned. The analyst firm’s warning comes after a speaker at the recent Black Hat Briefings conference in Las Vegas demonstrated a method of reverse-engineering IPS signatures for zero-day vulnerabilities. The demonstration used signatures from 3Com's TippingPoint IPS, but Gartner notes that there is “an implication” that all IPS vendors' signatures are at risk. Paul E. Proctor, research vice president at Gartner, explained that enterprises use IPS technologies, which interpret external files containing signature definitions, to protect against the exploitation of vulnerabilities. However, when these patterns contain signatures for zero-day vulnerabilities, hackers can use this data to create exploit code based on vulnerabilities for which no protection exists. They can also use the signature file to write an exploit that bypasses the zero-day signature undetected, Proctor warned.
Source: http://www.vnunet.com/vnunet/news/2196512/black-hat-ips-reverse

31. August 13, Register (UK) — Germany enacts controversial anti-hacker law. Germany has introduced anti-hacker measures that criminalize the creation or possession of dual-use security tools. An update to the country's computer hacking laws makes denial-of-service (DoS) attacks and hacking assaults against individuals clearly criminal. Gaining access to data, without necessarily stealing information, would also become an arrestable offense. The most serious offenses are punishable on conviction by up to 10 years' imprisonment. Controversy centers around a provision in the laws that makes it an offense to create or distribute "hacking tools," a notoriously ambiguous term. The distinctions between, for example, a password cracker and a password recovery tool, or a utility designed to run DoS attacks and one designed to stress-test a network, are not covered by the new law, critics argue. Possession of dual-use tools -- port scanners such as nmap or security scanners like nessus -- is punishable by imprisonment of up to 12 months and a fine.
Source: http://www.theregister.co.uk/2007/08/13/german_anti-hacker_law/

32. August 12, ComputerWorld — UN Website goes offline hours after SQL injection attack. "Hackers" defaced the United Nations' (UN) Website early Sunday, August 12, with messages accusing the U.S. and Israel of killing children. As of late afternoon, some sections, including the area devoted to Secretary General Ban Ki-Moon, remained offline. The attack, spelled out by an Italian software developer on his blog and later reported by the BBC, replaced blurbs of recent speeches by Ban with text attributed to a trio of would-be hackers. The section of the UN's site dedicated to Ban was still offline as of 5 p.m. EDT Sunday. Giorgio Maone, a software developer from Palermo, Italy, noted the incident timeline and posted several screenshots of the defacement on his blog. Maone pegged the attack as an SQL injection exploit, which let the attackers add their own HTML code to the site.
Maone's blog: http://hackademix.net/2007/08/12/united-nations-vs-sql-injections/
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9030318&intsrc=hm_list

33. August 10, InformationWeek — Toshiba recalls more laptop batteries. Toshiba has issued its second recall in a month of Sony notebook batteries that could overheat and burst into flames. The latest recall, announced Thursday, August 9, by the U.S. Consumer Product Safety Commission, affects about 1,400 notebooks. The models include the Satellite A100 and A105, and the Tecra A7, which sell for as little as $680. The recall stemmed from three reports outside of the United States of notebook batteries overheating.
Source: http://www.informationweek.com/news/showArticle.jhtml?articleID=201400284

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"